‘Industrial Control Systems’ Get Hacked with Notorious BlackEnergy Malware

ICS (industrial control system) maneuvers operating human-machine interface (HMI) computer program that some suppliers are providing are getting attacked in a hacking scheme that's utilizing BlackEnergy the malicious program, published threatpost.com dated October 29, 2014.

In a security advisory, United States ICS-CERT (Industrial Control System Cyber Emergency Response Team) has warned that malicious software was detected on HMI software that several companies used.

HMI software helps visualize processes of industrial manufacturing and regulation. This software sends and receives messages from logic controllers that program maneuvers as well as handle processes via the main interface, which is normally a Windows computer. The processes as such are changing temperature, switching off and on pumps, or doing some other function.

Chiefly, 3 HMI products were identified on the verge of being harmed, says the ICS-CERT advisory. These are Siemens WinCC, Advantech/Broadwin WebAccess, and GE Cimplicity. However, other suppliers' HMI products too could be affected, the advisory indicates.

Moreover according to ICS-CERT, the agency hasn't detected any attempts at disrupting, modifying or damaging the control processes of the victims' machines. Theinquirer.net published this, October 29, 2014.

The agency further states it couldn't determine whether the hackers gained admission into the control systems' remaining parts besides the HMI.

Nevertheless, typical malware installations contained programs which would locate any folders shared on the network along with detachable devices so more lateral movement would be possible across the infected region.

The malware in question has been portrayed to be "highly modular" while US-CERT additionally indicates that not all features collectively of the malware have been utilized on every victim.

According to Chief Executive Officer Francis Cianfrocca of New York, US-based security technology firm Bayshore Networks, the assaults depicted are highly worrisome. Securityweek.com published this, October 29, 2014.

Cianfrocca explains the deployment of ICS software on Windows systems is common and this' to stay for long as these software programs evolve extremely slowly. Normally, computers which operate control software have one connection with the IT system and another with the PC-network. However, if the controls aren't carefully maneuvered, the described defense model too can be effortlessly defeated if the malware used is sophisticated enough.

» SPAMfighter News - 11/6/2014